[3.9] firefox-esr: Multiple vulnerabilities (CVE-2018-12376, CVE-2018-12377, CVE-2018-12378, CVE-2018-12379)
CVE-2018-12376: Memory safety bugs
CVE-2018-12377: Use-after-free in refresh driver timers
CVE-2018-12378: Use-after-free in IndexedDB
CVE-2018-12379: Out-of-bounds write with malicious MAR file
Fixed In Version:
firefox ESR 60.2
References:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/
(from redmine: issue id 9402, created on 2018-09-10, closed on 2019-04-15)
- Relations:
- parent #9401 (closed)
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information